Debian Security Notices

DSA-3208 freexl - security update
Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened.

DSA-3207 shibboleth-sp2 - security update
A denial of service vulnerability was found in the Shibboleth (a federated identity framework) Service Provider. When processing certain malformed SAML messages generated by an authenticated attacker, the daemon could crash.

DSA-3206 dulwich - security update
Multiple vulnerabilities have been discovered in Dulwich, a Python implementation of the file formats and protocols used by the Git version control system. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-3202 mono - security update
Researchers at INRIA and Xamarin discovered several vulnerabilities in mono, a platform for running and developing applications based on the ECMA/ISO Standards. Mono's TLS stack contained several problems that hampered its capabilities: those issues could lead to client impersonation (via SKIP-TLS), SSLv2 fallback, and encryption weakening (via FREAK).

DSA-3201 iceweasel - security update
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-3199 xerces-c - security update
Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c, a validating XML parser library for C++. The parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. An unauthenticated attacker could use this flaw to cause an application using the xerces-c library to crash.

DSA-3197 openssl - security update
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:

DSA-3193 tcpdump - security update
Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code.

DSA-3192 checkpw - security update
Hiroya Ito of GMO Pepabo, Inc. reported that checkpw, a password authentication program, has a flaw in processing account names which contain double dashes. A remote attacker can use this flaw to cause a denial of service (infinite loop).

DSA-3191 gnutls26 - security update
Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-3182 libssh2 - security update
Mariusz Ziulek reported that libssh2, an SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker positioned as a man-in-the-middle between the client and a real server could cause a client using the libssh2 library to crash (denial of service) or otherwise read and use unintended memory areas in this process.

DSA-3177 mod-gnutls - security update
Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server's client verify mode not to be considered at all when the directory's configuration was unset. Clients with invalid certificates were then able to leverage this flaw in order to get access to that directory.

DSA-3180 libarchive - security update
Alexander Cherepanov discovered that bsdcpio, an implementation of the cpio program part of the libarchive project, is susceptible to a directory traversal vulnerability via absolute paths.

DSA-3179 icedove - security update
Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure.

DSA-3178 unace - security update
Jakub Wilk discovered that unace, a utility to extract, test and view .ace archives, contained an integer overflow leading to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ace archive, an attacker could cause a denial of service (application crash) or, possibly, execute arbitrary code.